RM 1.1 Allowing zip files a security risk?

Mr Lucky

Well-known member
If I allow members to attach zip files for download, I get the feeling we could lay ourselves open to malware?

Is this correct?

If so is there any kind of safer alternative?



XenForo moderator
Staff member
The contents of a .zip file could be anything.

Users should always be wary of downloading or opening files they don't trust or can't verify the content of.

Mr Lucky

Well-known member
Yes, that's what I thought. But if somebody did somehow up[load something malicious, e.g. a trusted member who suddenly became nasty, then would I, as forum owner, be responsible?

This kind of implies I/we are safest with a disclaimer on the resource download page.


Well-known member
You could always put somthing on the server such as clamav with maldet and have it scan the directories where the files are uploaded.